Skip to content
This repository has been archived by the owner on May 26, 2023. It is now read-only.

Latest commit

 

History

History
72 lines (60 loc) · 1.82 KB

040.md

File metadata and controls

72 lines (60 loc) · 1.82 KB
Raw

KingNFT

medium

Calculation of 'rebate' parameter of 'UpdateReferral' event is not correct

Summary

Calculation of 'rebate' parameter of 'UpdateReferral' event is not correct.

Vulnerability Detail

Overview of related source code and audit

event UpdateReferral(
    address referrer,
    bool isReferralValid,
    uint256 totalFee,
    uint256 referrerFee,
    uint256 rebate,
    string referralCode
);

function _processReferralRebate(
    address user,
    uint256 totalFee,
    uint256 amount,
    string calldata referralCode,
    bool isAbove,
    bool isReferralValid
) internal returns (uint256 referrerFee) {
    address referrer = referral.codeOwner(referralCode);

    if (referrer != user && referrer != address(0)) {
        referrerFee = ((totalFee *
            referral.referrerTierDiscount(
                referral.referrerTier(referrer)
            )) / (1e4 * 1e3));
        if (referrerFee > 0) {
            tokenX.transfer(referrer, referrerFee);

            (uint256 formerUnitFee, , ) = _fees(
                10**decimals(),
                _getbaseSettlementFeePercentage(isAbove)
            );
            emit UpdateReferral(
                referrer,
                isReferralValid,
                totalFee,
                referrerFee,
                ((formerUnitFee * amount) - totalFee), // @audit should be ((formerUnitFee * amount / 10**decimals()) - totalFee) 
                referralCode
            );
        }
    }
}

The correct fomula is

rebate = ((formerUnitFee * amount / 10**decimals()) - totalFee)

Impact

dAPPs working based on the event would not work.

Code Snippet

https://github.com/sherlock-audit/2022-11-buffer/blob/main/contracts/contracts/core/BufferBinaryOptions.sol#L488

Tool used

Manual Review

Recommendation

Replace with the correct fomula